Linksys BEFSR41
SonicWall SOHO
Belkin OmniCube
Cybex SwitchView


ZoneAlarm 2.1
Price: Free



Ease of Use:

Rating: 1

Pros: Free
Cons: Everything else


   This program is advertised as a desktop firewall. This program doesn't have much in common with standard firewalls. It may block incoming and outgoing traffic, but the resemblance stops there. A "normal" firewall will allow/disallow traffic by port number (such as port 80 for web-browser, port 25 for smtp, etc). But not this firewall. ZoneAlarm keeps a list of programs that is allowed to use network resources. So, if you switch web-browser after 6 months, you'll be asked if it's ok for your new browser to use the network, and if you say "yes", you're set to go. That's all fine until you load up a game which doesn't allow ZoneAlarm to display it's little dialog box....

   Configuration is simple enough, but the choices given are too similar, you're given the options of "Very paranoid", "Extremely paranoid", and "Ultra paranoid". Neither setting will disable the annoying application privilege option. This also applies to your local network, btw, not only the internet. Any program that might need to contact another computer on your LAN will have to be specifically permitted by ZoneAlarm to do this.

   As a firewall, this product is barely useful. True, it will protect your computer from attacks by anyone, including yourself. The inability of the program to ignore local traffic and concentrate on  Internet based traffic is most annoying. You can't even ping the computers on your LAN without ZoneAlarm giving you a warning. Its logging capabilities leaves much to be desired. As the program itself, the logs will tell you which program did what. And it's a little too much interested in what I'm doing on my LAN rather than what I'm doing on the internet. My logfile has ONE entry for Netscape, apparently doing a DNS lookup; it has over 100 entries for MS FrontPage connecting to my LAN web-server... I'm also seeing a couple of entries for ZoneAlarm itself doing some DNS look-ups ... wonder why that is.

   A simple port scan test showed that the program actually does something if probed, but only on the Ultra paranoid setting. If you are desperate for some protection and are unwilling to spend the money, you might want to consider this product.

   Oh, and the option to "Load ZoneAlarm on startup" doesn't work... One thing I did like was the use of non-standard colors. I don't like the colors, but seeing something that is not gray is refreshing.